On Thu, Dec 22, 2022 at 1:12 PM Dan Nessett <dness...@yahoo.com.invalid> wrote:
> Now that I have apache configured properly, I am trying to get guacamole > to connect to a vnc server (tightvnc) running on the remote machine. Here > is the listen toplogy: > ... > This shows that tightvnc is listening on 5901, guacd is listening on 4822, > and tomcat on 8080. > > In /etc/guacamole, the guacamole properties are: > > # MySQL properties > mysql-hostname: 127.0.0.1 > mysql-port: 3306 > mysql-database: guacamole_db > mysql-username: guacamole_user > mysql-password: xxxxxxxxxxxxx > This looks fine but ... > hostname: 127.0.0.1 > port: 5901 > color-depth: 8 > None of these are properties - they are connection parameters. Placing these parameters here as if they were properties will have no effect. And user-mapping.xml is: > You should not use "user-mapping.xml" if you are using a MySQL database. If you have a database set up, then that's all you need to use and the "user-mapping.xml" file is no longer needed. You are actually maintaining two distinct accounts by doing this, and this will lead to further confusion. The "user-mapping.xml" file and the database are two separate and independent authentication mechanisms. Defining a user within "user-mapping.xml" AND within the database via the UI will mean that you have two distinct accounts: one with the credentials noted in the XML that will have access to only the connections defined in the XML, and another with the credentials defined via the admin UI that will have access only to the connections you have granted in the UI. If the VNC connection itself is not working when you attempt to use it, the thing to check would be the guacd logs. These should be in syslog (or systemd's "journalctl" tool). If the VNC connection is being successfully established but is being rejected by the VNC server due to auth, check your VNC server's logs. - Mike
